Realdolmen Education

Details

Android Security Essentials

This course is currently not scheduled on the open calendar, but can be organized on request.

Request Course

Duration

2 day(s)

Audience

Developers who need to make their Android applications more secure

Prerequisites

Having good knowledge of Android development. It is recommended to have followed the Android Application Development (AND-401) course.

Objectives

Learn about the Android security model from both the developer and end-user point of view

Methods

Classroom training with hands-on exercises

Description

Android is a popular and modern mobile platform, and is used by millions of users all over the world. There are Android applications for almost anything imaginable. Need something? You can find an app for it!

All these apps bring innovation and value to their users. They will use advanced hardware and software features, and will often require access to local and served data. To protect the user's data and his device, a robust security platform is necessary. Android is designed with a multi-layer security that provides enough flexibility while protecting its users and their data. It is important for Android developers to familiarize themselves with the Android security best practices.

This two-days course will cover a wide range of essential Android security topics. It will explain the Android security concepts from the point of view of users and developers. It contains step-by-step guides to help you build more secure Android applications.

At the end of the course you will be able to:

  1. Understand the Android software architecture
  2. Understand Android’s security model
  3. Build more secure and more robust Android applications with security best practices in mind

During practical programming labs, you will create several working Android apps, while learning how to apply these security concept in practice.

Contents

  • Lesson 1: Permissions
    • Introduction
    • Android Platform Architecture
    • Android Security Architecture
    • Permissions
    • Levels of Protection
    • Application Level Permissions
    • Component Level Permissions
    • Extending Android Permissions
    • Lab 1: Securing Applications Using Permissions
  • Lesson 2: Managing the Policy File
    • Introduction
    • The Manifest File
    • Modifying Application Policy
    • Lab 2: Defining the Application’s Policy File
  • Lesson 3: User Data Privacy and Protection
    • Introduction
    • Data Security Principles
    • Vulnerabilities and Attacks Against Stored Data
    • Protection Principles
    • Digital Rights Management
    • Lab 3: Data Confidentiality and Protection
  • Lesson 4: Securing Storage
    • Introduction
    • Data Storage Decisions
    • Storage Mechanisms
    • Shared Preferences
    • File
    • Cache
    • Database
    • Lab 4: Data Storage Applications